HTTPS configuration for OctoberCMS












0















Hi everyone here I am again. I have been looking for the correct https configuration for october so that when visitors type www.mywebsite.com, the brower will assume https:// to be the beginning instead.



I changed the linkPolicy to secure (I tried force too but not sure where is the app.url that it mentioned in the comment) and 'backendForceSecure' to true, it works on when I access www.mywebsite.com/backend (automatically access via https) but not www.mywebsite.com (still access via http). Please help.






laravel-5.3 octobercms







share|improve this question

























  • Cant you use .htaccess for that?

    – dragontree
    May 18 '17 at 11:46











  • @dragontree I do not think that helps but thanks for your input. There should be some configuration that we can set I believe...

    – warmjaijai
    May 22 '17 at 9:03











  • As far as I know, there there is currently no such setting for the frontend in OctoberCMS, that is why I suggested using htaccess

    – dragontree
    May 22 '17 at 9:32













  • Noted. Thanks a lot for your information. Really hope that OctoberCMS will be improved for these common requirements.

    – warmjaijai
    May 23 '17 at 6:29
















0















Hi everyone here I am again. I have been looking for the correct https configuration for october so that when visitors type www.mywebsite.com, the brower will assume https:// to be the beginning instead.



I changed the linkPolicy to secure (I tried force too but not sure where is the app.url that it mentioned in the comment) and 'backendForceSecure' to true, it works on when I access www.mywebsite.com/backend (automatically access via https) but not www.mywebsite.com (still access via http). Please help.






laravel-5.3 octobercms







share|improve this question

























  • Cant you use .htaccess for that?

    – dragontree
    May 18 '17 at 11:46











  • @dragontree I do not think that helps but thanks for your input. There should be some configuration that we can set I believe...

    – warmjaijai
    May 22 '17 at 9:03











  • As far as I know, there there is currently no such setting for the frontend in OctoberCMS, that is why I suggested using htaccess

    – dragontree
    May 22 '17 at 9:32













  • Noted. Thanks a lot for your information. Really hope that OctoberCMS will be improved for these common requirements.

    – warmjaijai
    May 23 '17 at 6:29














0












0








0








Hi everyone here I am again. I have been looking for the correct https configuration for october so that when visitors type www.mywebsite.com, the brower will assume https:// to be the beginning instead.



I changed the linkPolicy to secure (I tried force too but not sure where is the app.url that it mentioned in the comment) and 'backendForceSecure' to true, it works on when I access www.mywebsite.com/backend (automatically access via https) but not www.mywebsite.com (still access via http). Please help.






laravel-5.3 octobercms







share|improve this question
















Hi everyone here I am again. I have been looking for the correct https configuration for october so that when visitors type www.mywebsite.com, the brower will assume https:// to be the beginning instead.



I changed the linkPolicy to secure (I tried force too but not sure where is the app.url that it mentioned in the comment) and 'backendForceSecure' to true, it works on when I access www.mywebsite.com/backend (automatically access via https) but not www.mywebsite.com (still access via http). Please help.






laravel-5.3 octobercms




laravel-5.3 octobercms






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited May 18 '17 at 9:07







warmjaijai

















asked May 18 '17 at 8:56









warmjaijaiwarmjaijai

2651718




2651718













  • Cant you use .htaccess for that?

    – dragontree
    May 18 '17 at 11:46











  • @dragontree I do not think that helps but thanks for your input. There should be some configuration that we can set I believe...

    – warmjaijai
    May 22 '17 at 9:03











  • As far as I know, there there is currently no such setting for the frontend in OctoberCMS, that is why I suggested using htaccess

    – dragontree
    May 22 '17 at 9:32













  • Noted. Thanks a lot for your information. Really hope that OctoberCMS will be improved for these common requirements.

    – warmjaijai
    May 23 '17 at 6:29



















  • Cant you use .htaccess for that?

    – dragontree
    May 18 '17 at 11:46











  • @dragontree I do not think that helps but thanks for your input. There should be some configuration that we can set I believe...

    – warmjaijai
    May 22 '17 at 9:03











  • As far as I know, there there is currently no such setting for the frontend in OctoberCMS, that is why I suggested using htaccess

    – dragontree
    May 22 '17 at 9:32













  • Noted. Thanks a lot for your information. Really hope that OctoberCMS will be improved for these common requirements.

    – warmjaijai
    May 23 '17 at 6:29

















Cant you use .htaccess for that?

– dragontree
May 18 '17 at 11:46





Cant you use .htaccess for that?

– dragontree
May 18 '17 at 11:46













@dragontree I do not think that helps but thanks for your input. There should be some configuration that we can set I believe...

– warmjaijai
May 22 '17 at 9:03





@dragontree I do not think that helps but thanks for your input. There should be some configuration that we can set I believe...

– warmjaijai
May 22 '17 at 9:03













As far as I know, there there is currently no such setting for the frontend in OctoberCMS, that is why I suggested using htaccess

– dragontree
May 22 '17 at 9:32







As far as I know, there there is currently no such setting for the frontend in OctoberCMS, that is why I suggested using htaccess

– dragontree
May 22 '17 at 9:32















Noted. Thanks a lot for your information. Really hope that OctoberCMS will be improved for these common requirements.

– warmjaijai
May 23 '17 at 6:29





Noted. Thanks a lot for your information. Really hope that OctoberCMS will be improved for these common requirements.

– warmjaijai
May 23 '17 at 6:29












3 Answers
3






active

oldest

votes


















1














This solution worked for me.



1- Enable debug mode:



in config/app.php



'debug' => true,



2- Clear cache



3- Add those lines, in the .htaccess file at the root of your site :



    ## Force secure connection

    RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]

    RewriteCond %{HTTP:X-Forwarded-Proto} =""

    RewriteCond %{HTTPS} !=on

    RewriteRule ^https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


4- Modifiy the app.url in the /web/config/app.php file



    'app.url' => 'https://...',





share|improve this answer

































    0














    Still no solution for configure https in October CMS? I have nginx shared hosting with Let's encrypt certificate and linkPolicy='secure' still not work properly.
    How this CMS want to be popular if such a "small" problem can't be fix for 2 years (just check official forum and threads like "Routing over SSL", "Forcing SSL" etc.
    Using .htaccess is only workaround.
    F. ex. how to solve this in nginx (without .htaccess)? Buy another server?






    share|improve this answer
























    • OctoberCMS is a very good CMS in my opinion but there is still a lot of space to be improved. I am also struggling a lot in looking for answers for some issues but no luck...

      – warmjaijai
      Jun 1 '17 at 6:05











    • And I dont think it is proper to ask questions by answering people's questions in Stackoverflow. You can choose to comment on it like what I do now instead.

      – warmjaijai
      Jun 1 '17 at 6:09



















    0














    Use .htaccess or configure your apache or ngix to use https and redirect all traffic to https.
    ngix: https://serverfault.com/questions/67316/in-nginx-how-can-i-rewrite-all-http-requests-to-https-while-maintaining-sub-dom



    apache How to redirect all HTTP requests to HTTPS



    Use htst headers 



    Strict-Transport-Security: max-age=31536000


    https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet



    In path/to/october/config/app.php set your url value to a https domain.






    share|improve this answer
























    • Thanks for your input but I yet to have the chance to try that out.

      – warmjaijai
      Jun 1 '17 at 6:06











    Your Answer






    StackExchange.ifUsing("editor", function () {
    StackExchange.using("externalEditor", function () {
    StackExchange.using("snippets", function () {
    StackExchange.snippets.init();
    });
    });
    }, "code-snippets");

    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "1"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f44043086%2fhttps-configuration-for-octobercms%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    3 Answers
    3






    active

    oldest

    votes








    3 Answers
    3






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    1














    This solution worked for me.



    1- Enable debug mode:



    in config/app.php



    'debug' => true,



    2- Clear cache



    3- Add those lines, in the .htaccess file at the root of your site :



        ## Force secure connection
    
    RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]
    
    RewriteCond %{HTTP:X-Forwarded-Proto} =""
    
    RewriteCond %{HTTPS} !=on
    
    RewriteRule ^https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


    4- Modifiy the app.url in the /web/config/app.php file



        'app.url' => 'https://...',





    share|improve this answer






























      1














      This solution worked for me.



      1- Enable debug mode:



      in config/app.php



      'debug' => true,



      2- Clear cache



      3- Add those lines, in the .htaccess file at the root of your site :



          ## Force secure connection
      
    RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]
      
    RewriteCond %{HTTP:X-Forwarded-Proto} =""
      
    RewriteCond %{HTTPS} !=on
      
    RewriteRule ^https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


      4- Modifiy the app.url in the /web/config/app.php file



          'app.url' => 'https://...',





      share|improve this answer




























        1












        1








        1







        This solution worked for me.



        1- Enable debug mode:



        in config/app.php



        'debug' => true,



        2- Clear cache



        3- Add those lines, in the .htaccess file at the root of your site :



            ## Force secure connection
        
    RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]
        
    RewriteCond %{HTTP:X-Forwarded-Proto} =""
        
    RewriteCond %{HTTPS} !=on
        
    RewriteRule ^https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


        4- Modifiy the app.url in the /web/config/app.php file



            'app.url' => 'https://...',





        share|improve this answer















        This solution worked for me.



        1- Enable debug mode:



        in config/app.php



        'debug' => true,



        2- Clear cache



        3- Add those lines, in the .htaccess file at the root of your site :



            ## Force secure connection
        
    RewriteCond %{HTTP:X-Forwarded-Proto} =http [OR]
        
    RewriteCond %{HTTP:X-Forwarded-Proto} =""
        
    RewriteCond %{HTTPS} !=on
        
    RewriteRule ^https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


        4- Modifiy the app.url in the /web/config/app.php file



            'app.url' => 'https://...',






        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Nov 20 '18 at 17:04

























        answered Nov 20 '18 at 16:54









        BehiryBehiry

        14113




        14113

























            0














            Still no solution for configure https in October CMS? I have nginx shared hosting with Let's encrypt certificate and linkPolicy='secure' still not work properly.
            How this CMS want to be popular if such a "small" problem can't be fix for 2 years (just check official forum and threads like "Routing over SSL", "Forcing SSL" etc.
            Using .htaccess is only workaround.
            F. ex. how to solve this in nginx (without .htaccess)? Buy another server?






            share|improve this answer
























            • OctoberCMS is a very good CMS in my opinion but there is still a lot of space to be improved. I am also struggling a lot in looking for answers for some issues but no luck...

              – warmjaijai
              Jun 1 '17 at 6:05











            • And I dont think it is proper to ask questions by answering people's questions in Stackoverflow. You can choose to comment on it like what I do now instead.

              – warmjaijai
              Jun 1 '17 at 6:09
















            0














            Still no solution for configure https in October CMS? I have nginx shared hosting with Let's encrypt certificate and linkPolicy='secure' still not work properly.
            How this CMS want to be popular if such a "small" problem can't be fix for 2 years (just check official forum and threads like "Routing over SSL", "Forcing SSL" etc.
            Using .htaccess is only workaround.
            F. ex. how to solve this in nginx (without .htaccess)? Buy another server?






            share|improve this answer
























            • OctoberCMS is a very good CMS in my opinion but there is still a lot of space to be improved. I am also struggling a lot in looking for answers for some issues but no luck...

              – warmjaijai
              Jun 1 '17 at 6:05











            • And I dont think it is proper to ask questions by answering people's questions in Stackoverflow. You can choose to comment on it like what I do now instead.

              – warmjaijai
              Jun 1 '17 at 6:09














            0












            0








            0







            Still no solution for configure https in October CMS? I have nginx shared hosting with Let's encrypt certificate and linkPolicy='secure' still not work properly.
            How this CMS want to be popular if such a "small" problem can't be fix for 2 years (just check official forum and threads like "Routing over SSL", "Forcing SSL" etc.
            Using .htaccess is only workaround.
            F. ex. how to solve this in nginx (without .htaccess)? Buy another server?






            share|improve this answer













            Still no solution for configure https in October CMS? I have nginx shared hosting with Let's encrypt certificate and linkPolicy='secure' still not work properly.
            How this CMS want to be popular if such a "small" problem can't be fix for 2 years (just check official forum and threads like "Routing over SSL", "Forcing SSL" etc.
            Using .htaccess is only workaround.
            F. ex. how to solve this in nginx (without .htaccess)? Buy another server?







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered May 30 '17 at 14:47









            Zuba EmanZuba Eman

            113




            113













            • OctoberCMS is a very good CMS in my opinion but there is still a lot of space to be improved. I am also struggling a lot in looking for answers for some issues but no luck...

              – warmjaijai
              Jun 1 '17 at 6:05











            • And I dont think it is proper to ask questions by answering people's questions in Stackoverflow. You can choose to comment on it like what I do now instead.

              – warmjaijai
              Jun 1 '17 at 6:09



















            • OctoberCMS is a very good CMS in my opinion but there is still a lot of space to be improved. I am also struggling a lot in looking for answers for some issues but no luck...

              – warmjaijai
              Jun 1 '17 at 6:05











            • And I dont think it is proper to ask questions by answering people's questions in Stackoverflow. You can choose to comment on it like what I do now instead.

              – warmjaijai
              Jun 1 '17 at 6:09

















            OctoberCMS is a very good CMS in my opinion but there is still a lot of space to be improved. I am also struggling a lot in looking for answers for some issues but no luck...

            – warmjaijai
            Jun 1 '17 at 6:05





            OctoberCMS is a very good CMS in my opinion but there is still a lot of space to be improved. I am also struggling a lot in looking for answers for some issues but no luck...

            – warmjaijai
            Jun 1 '17 at 6:05













            And I dont think it is proper to ask questions by answering people's questions in Stackoverflow. You can choose to comment on it like what I do now instead.

            – warmjaijai
            Jun 1 '17 at 6:09





            And I dont think it is proper to ask questions by answering people's questions in Stackoverflow. You can choose to comment on it like what I do now instead.

            – warmjaijai
            Jun 1 '17 at 6:09











            0














            Use .htaccess or configure your apache or ngix to use https and redirect all traffic to https.
            ngix: https://serverfault.com/questions/67316/in-nginx-how-can-i-rewrite-all-http-requests-to-https-while-maintaining-sub-dom



            apache How to redirect all HTTP requests to HTTPS



            Use htst headers 



            Strict-Transport-Security: max-age=31536000


            https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet



            In path/to/october/config/app.php set your url value to a https domain.






            share|improve this answer
























            • Thanks for your input but I yet to have the chance to try that out.

              – warmjaijai
              Jun 1 '17 at 6:06
















            0














            Use .htaccess or configure your apache or ngix to use https and redirect all traffic to https.
            ngix: https://serverfault.com/questions/67316/in-nginx-how-can-i-rewrite-all-http-requests-to-https-while-maintaining-sub-dom



            apache How to redirect all HTTP requests to HTTPS



            Use htst headers 



            Strict-Transport-Security: max-age=31536000


            https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet



            In path/to/october/config/app.php set your url value to a https domain.






            share|improve this answer
























            • Thanks for your input but I yet to have the chance to try that out.

              – warmjaijai
              Jun 1 '17 at 6:06














            0












            0








            0







            Use .htaccess or configure your apache or ngix to use https and redirect all traffic to https.
            ngix: https://serverfault.com/questions/67316/in-nginx-how-can-i-rewrite-all-http-requests-to-https-while-maintaining-sub-dom



            apache How to redirect all HTTP requests to HTTPS



            Use htst headers 



            Strict-Transport-Security: max-age=31536000


            https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet



            In path/to/october/config/app.php set your url value to a https domain.






            share|improve this answer













            Use .htaccess or configure your apache or ngix to use https and redirect all traffic to https.
            ngix: https://serverfault.com/questions/67316/in-nginx-how-can-i-rewrite-all-http-requests-to-https-while-maintaining-sub-dom



            apache How to redirect all HTTP requests to HTTPS



            Use htst headers 



            Strict-Transport-Security: max-age=31536000


            https://www.owasp.org/index.php/HTTP_Strict_Transport_Security_Cheat_Sheet



            In path/to/october/config/app.php set your url value to a https domain.







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered May 30 '17 at 15:08









            TschallackaTschallacka

            15.1k65289




            15.1k65289













            • Thanks for your input but I yet to have the chance to try that out.

              – warmjaijai
              Jun 1 '17 at 6:06



















            • Thanks for your input but I yet to have the chance to try that out.

              – warmjaijai
              Jun 1 '17 at 6:06

















            Thanks for your input but I yet to have the chance to try that out.

            – warmjaijai
            Jun 1 '17 at 6:06





            Thanks for your input but I yet to have the chance to try that out.

            – warmjaijai
            Jun 1 '17 at 6:06


















            draft saved

            draft discarded




















































            Thanks for contributing an answer to Stack Overflow!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f44043086%2fhttps-configuration-for-octobercms%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            -

            Popular posts from this blog

            Paul Cézanne

            Image
            Pour l’article ayant un titre homophone, voir Sézanne. Paul Cézanne.mw-parser-output .entete.artiste{background-image:url("//upload.wikimedia.org/wikipedia/commons/f/f3/Picto_infobox_artiste.png")} Autoportrait vers 1861 Naissance 19 janvier 1839 Aix-en-Provence (France) Décès 22 octobre 1906 (à 67 ans) Aix-en-Provence (France) Nationalité Française Activité Peintre Formation Académie de Charles Suisse Maître Joseph Gilbert, Antoine Guillemet, Camille Pissarro Mouvement Impressionnisme postimpressionnisme Influencé par Eugène Delacroix, Gustave Courbet, Véronèse A influencé Braque, Picasso, Matisse Conjoint Hortense Fiquet (depuis 1886) Enfant Paul Cézanne  ( d ) Œuvres principales La Montagne Sainte-Victoire, Portrait de madame Cézanne signature modifier - modifier le code - modifier Wikidata Paul Cézanne , né le 19 janvier 1839 à Aix-en-Provence et mort le 22 octobre 1906 dans la mê...
            Read more

            UIScrollView CustomStickyHeader Resize height generates problems when scroll is too fast

            Image
            0 I have been trying for a while to create a UIViewController that has a CustomStickyHeader and a UITableView. The idea I have been following is use the UITableView scrolling for changing the header view with the value of the contentOffset. The layout for the ViewController (AlbumsViewController) looks like: The UItableView Scrolling functions from the delegate are implemented like that: func scrollViewDidScroll(_ scrollView: UIScrollView) { let endReached = contentTableView.contentOffset.y >= (contentTableView.contentSize.height - contentTableView.frame.size.height) let isUP = lastContentOffset > scrollView.contentOffset.y if scrollView.contentOffset.y < 0 { headerHeightConstraint.constant += abs(scrollView.contentOffset.y) } else{ if !endReached{ ...
            Read more

            Angular material date-picker (MatDatepicker) auto completes the date on focus out

            Image
            3 3 I am using angular material/mat-datepicker in my project and whenever the user enters one digit inside of it, and goes out of focus - the date picker is auto completing with a random date. Example Just enter 1 and go out of focus, or enter 5/5/20 The date picker is adding date automatically Update : Also I am using reactive forms and I'm validating the input with that approach Can I disable this ? angular datepicker angular-material angular6 angular-material-datetimepicker share | improve this question edited Nov 20 '18 at 13:21 ...
            Read more